CVE-2020-9956

State: PUBLISHED · Published: 2021-04-02 · Updated: 2024-08-04 · Assigner: apple

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution.

CWE

(none)

Affected

Apple / tvOS — v=unspecified <14.0 [affected]
Apple / watchOS — v=unspecified <7.0 [affected]
Apple / iOS and iPadOS — v=unspecified <14.0 [affected]
Apple / macOS — v=unspecified <11.0 [affected]
Apple / macOS — v=unspecified <11.1 [affected]

CVSS

(none)

References

https://support.apple.com/en-us/HT211843 x_refsource_MISC
https://support.apple.com/en-us/HT211850 x_refsource_MISC
https://support.apple.com/en-us/HT211844 x_refsource_MISC
https://support.apple.com/en-us/HT211931 x_refsource_MISC
https://support.apple.com/en-us/HT212011 x_refsource_MISC

Source

cvelistV5-main/cves/2020/9xxx/CVE-2020-9956.json